What is GDPR?

The GDPR is EU legislation drafted to regulate the data privacy protections of EU residents. The GDPR is set to go into effect in May 2018.

GDPR definition

The General Data Protection Regulation is legislation developed to strengthen and standardise data privacy protections for residents of the European Union. The GDPR is meant as a replacement for the European Data Protection Directive, which was created in 1995 and represents the last major EU legislation regarding personal data privacy. Compliance with the GDPR is paramount to anyone doing business in EU countries.

Compliance with the GDPR

In addition to scaling up the security surrounding customers’ data, the GDPR stipulates that, in the event of a security breach, customers must be notified within 72 hours. Everyone who plans to do business in the European Union and/or work with European Union residents’ data should make sure they are in compliance with the GDPR before it goes into effect in May 2018. This means identifying data risk and scaling up technology so that it adequately protects said data. Noncompliance will mean fines of up to 20 million euro or 4% of the company’s revenue (whichever number is greater).

HPE GDPR compliance solutions

The HPE infrastructure stack, including servers, storage, and networking, has been validated against the NIST 800-53 controls foundation for accelerating regulatory compliance initiatives like EU General Data Protection Regulation (EU GDPR).